﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Data;
using System.Security.Cryptography;
using System.Text;

namespace Bus_proj.website
{
    public partial class Detail_emp : System.Web.UI.Page
    {
        public static string getMd5Hash(string input)
        {
            MD5 md5Hasher = MD5.Create();
            byte[] data = md5Hasher.ComputeHash(Encoding.Default.GetBytes(input));
            StringBuilder sBuilder = new StringBuilder();

            for (int i = 0; i < data.Length; i++)
            {
                sBuilder.Append(data[i].ToString("x2"));
            }
            return sBuilder.ToString();
        }
        protected void Page_Load(object sender, EventArgs e)
        {
            if (!IsPostBack)
            {
                try
                {
                    if (Int32.Parse(Session["login_Access_id"].ToString()) == 2)
                    {
                        int user = Int32.Parse(Session["login_User"].ToString());
                        string user_detail = @"select *
                                from Table_Personnel
                                inner join Table_positions
                                    on Table_Personnel.Positions_id = Table_positions.Positions_id
                                inner join District
                                    on Table_Personnel.Personnel_district = District.DistrictId
                                inner join Amphur
                                    on Table_Personnel.Personnel_sub_district = Amphur.AmphurId
                                inner join Province
                                    on Table_Personnel.Personnel_province = Province.ProvinceId
                                where Table_Personnel.Personnel_id = '" + user + "'";
                        SqlCommand sqlcomm = new SqlCommand();
                        string Connection = ConfigurationManager.ConnectionStrings["Bus_proConnectionString"].ConnectionString;
                        SqlConnection sqlconn = new SqlConnection(Connection);
                        SqlDataAdapter da = new SqlDataAdapter(user_detail, sqlconn);
                        DataTable dt = new DataTable();
                        da.Fill(dt);

                        try
                        {
                            TextBox18.Text = dt.Rows[0]["Personnel_id"].ToString();
                            TextBox13.Text = dt.Rows[0]["Personnel_prefix"].ToString();
                            TextBox1.Text = dt.Rows[0]["Personnel_name"].ToString();
                            TextBox2.Text = dt.Rows[0]["Personnel_surname"].ToString();
                            TextBox14.Text = dt.Rows[0]["Personnel_sex"].ToString();
                            TextBox4.Text = dt.Rows[0]["Personnel_birthday"].ToString();
                            TextBox5.Text = dt.Rows[0]["Personnel_home_no"].ToString();
                            TextBox6.Text = dt.Rows[0]["Personnel_village_no"].ToString();
                            TextBox7.Text = dt.Rows[0]["Personnel_lane"].ToString();
                            TextBox12.Text = dt.Rows[0]["Personnel_road"].ToString();
                            TextBox17.Text = dt.Rows[0]["DistrictName"].ToString();
                            TextBox16.Text = dt.Rows[0]["AmphurName"].ToString();
                            TextBox15.Text = dt.Rows[0]["ProvinceName"].ToString();
                            TextBox8.Text = dt.Rows[0]["Personnel_post"].ToString();
                            TextBox9.Text = dt.Rows[0]["Personnel_mail"].ToString();
                            TextBox11.Text = dt.Rows[0]["Personnel_tel"].ToString();
                            TextBox3.Text = dt.Rows[0]["Personnel_identification"].ToString();
                            TextBox19.Text = dt.Rows[0]["Positions_name"].ToString(); ;

                        }
                        catch (Exception)
                        {

                        }
                    }
                    else
                    {
                        Response.Redirect("login.aspx");
                    }
                }
                catch (Exception)
                {
                    Response.Redirect("login.aspx");
                }
                
            }                         
        }

        protected void Button1_Click(object sender, EventArgs e)
        {
            try
            {
                if (TextBox21.Text.Equals(TextBox22.Text))
                {
                    DataClasses1DataContext db = new DataClasses1DataContext();
                    string pass = TextBox20.Text;
                    string identication = Session["login_Personnel_identification"].ToString();
                    var q = from p in db.Table_Personnels
                            where p.Personnel_identification == identication & p.Personnel_pass == getMd5Hash(pass)
                            select p;
                    q.ToList().ForEach(c => c.Personnel_pass = getMd5Hash(TextBox21.Text));
                    db.SubmitChanges();
                    ScriptManager.RegisterClientScriptBlock(this.Page, this.Page.GetType(), "alert", "alert('เปลี่ยนรหัสผ่านเสร็จสิ้น');", true);
                }
                else
                {
                    ScriptManager.RegisterClientScriptBlock(this.Page, this.Page.GetType(), "alert", "alert('ไม่สามารถเปลี่ยนรหัสผ่านได้');", true);
                }
                
            }
            catch (Exception)
            {
                ScriptManager.RegisterClientScriptBlock(this.Page, this.Page.GetType(), "alert", "alert('ไม่สามารถเปลี่ยนรหัสผ่านได้');", true);
            }
        }      
      
    }
}